Pub. online:17 Jun 2022Type:Research ArticleOpen Access
Volume 33, Issue 2 (2022), pp. 365–397
Blockchain is gaining traction for improving the security of healthcare applications, however, it does not become a silver bullet as various security threats are observed in blockchain-based applications. Moreover, when performing the security risk management (SRM) of blockchain-based applications, there are conceptual ambiguities and semantic gaps that hinder from treating the security threats effectively. To address these issues, we present a blockchain-based healthcare security ontology (HealthOnt) that offers coherent and formal information models to treat security threats of traditional and blockchain-based applications. We evaluate the ontology by performing the SRM of a back-pain patient’s healthcare application case. The results show that HealthOnt can support the iterative process of SRM and can be continually updated when new security threats, vulnerabilities, or countermeasures emerge. In addition, the HealthOnt may assist in the modelling and analysis of real-world situations while addressing important security concerns from the perspective of stakeholders. This work can help blockchain developers, practitioners, and other associated stakeholders to develop secure blockchain-based healthcare applications in the early stages.